Lucene search
HistoryDec 12, 2012 - 12:55 a.m.
CVE-2012-2549
cve-2012-2549
ip-https
windows server 2008
windows server 2012
certificate validation
access restrictions
security vulnerability
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.028 Low
EPSS
Percentile
90.7%
The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka “Revoked Certificate Bypass Vulnerability.”
Affected configurations
Node
microsoftwindows_server_2008r2itanium
ORmicrosoftwindows_server_2008r2x64
ORmicrosoftwindows_server_2012Match-
Related
openvas
openvas
prion
prion
Security feature bypass
2012-12-12 00:55:00
cvelist
cvelist
CVE-2012-2549
2012-12-12 00:00:00
nvd
nvd
CVE-2012-2549
2012-12-12 00:55:01
nessus
nessus
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2012-12-13 00:00:00
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.028 Low
EPSS
Percentile
90.7%
Related for CVE-2012-2549